Today there are many communication systems, often interlinked, that permit the transmission of information from one person or organization to another. Indeed, information technologies form a vital and significant sector of the economy of most advanced nations, and it is generally agreed that without such technologies business productivity, the flow of news and information, and entertainment would be severely impaired. Much of the information flow is over wired connections, for example copper cable and, increasingly, fiber optic cable, but these are often used in conjunction with wireless connections, for example when an Internet website is accessed from a cell phone. Wireless Internet access generally requires that a connection be established between the wireless receiver in the phone and a transmitter served by a server that is in turn in communication with a network of other servers, as in the case of the Internet, so that information flows to the cell phone over a wireless connection to a wired network. This type of mixed wired and wireless communication pathway or link is now widely accepted and used.
Often one of the major issues in any form of communication is privacy and security. To that end, most secure data communication methods are designed to preserve the confidentiality of data being transmitted over communication networks, such as telephone networks, the Internet, wireless data transmission systems, and other digital data transmission systems and networks. These methods of secure data transmission include data encryption and decryption algorithms that use long, randomly generated cipher keys. However, encryption of data and messages by itself cannot ensure that the message sender is truly whom he or she claims to be. In other words, encryption alone does not authenticate the sender; that requires a separate mechanism such as a digital signature or message authentication code.
For example, to use public key encryption (PKE), the intended recipient must first publish a public encryption key that a prospective sender uses to encrypt a message for delivery to that recipient. The message is decryptable only with the corresponding private key, which is known only to the intended recipient. The public key, however, is by design available to anyone, including an eavesdropper on the public network over which it is distributed. Thus, a recipient of data encrypted using PKE cannot be certain of a sender's identity, because an encrypted message can be generated by anyone who holds the public key.
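The following is an added illustration of the point above, written for this page and not code from any patent discussed here. It uses textbook RSA with small constructed primes (no padding, one byte per block, for illustration only) to show that any party holding the recipient's public key can produce a ciphertext that the recipient decrypts correctly, so the "from" field of an encrypted-only packet proves nothing, whereas a signature made with the sender's own private key lets the recipient reject an impostor. The party names, key values and packet format are assumptions of the example.

```python
"""Toy RSA: encryption with the recipient's public key does not identify the
sender; a signature made with the sender's private key does.

Constructed example for this page, not from any patent discussed here.
Textbook RSA with ~10-bit primes and no padding: never use for real data.
"""
import hashlib


def make_keypair(p, q, e):
    """Return ((n, e), (n, d)) for textbook RSA. p and q must be prime and
    gcd(e, (p-1)(q-1)) must be 1. pow(e, -1, phi) needs Python 3.8+."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))


# Three parties with constructed keys: the recipient, the genuine sender Alice
# and an impostor Mallory. Every public key is assumed to be known to everyone.
RECIPIENT_PUB, RECIPIENT_PRIV = make_keypair(1009, 1013, 17)
ALICE_PUB, ALICE_PRIV = make_keypair(1019, 1021, 19)
MALLORY_PUB, MALLORY_PRIV = make_keypair(1031, 1033, 17)


def encrypt(message: bytes, public_key):
    """Encrypt each byte as its own RSA block (toy, deterministic)."""
    n, e = public_key
    return [pow(b, e, n) for b in message]


def decrypt(blocks, private_key):
    n, d = private_key
    return bytes(pow(c, d, n) for c in blocks)


def _digest(message: bytes, n):
    # Hash, then reduce so the value fits under the toy modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key):
    n, d = private_key
    return pow(_digest(message, n), d, n)


def verify(message: bytes, signature, public_key):
    n, e = public_key
    return pow(signature, e, n) == _digest(message, n)


# --- Encryption only: the "from" field is an unverified claim. ---

def send_encrypted(message: bytes, claimed_sender: str):
    """Anyone holding RECIPIENT_PUB can build this packet under any name."""
    return {"from": claimed_sender, "body": encrypt(message, RECIPIENT_PUB)}


def receive_encrypted(packet):
    """The recipient recovers the plaintext but learns nothing about the sender."""
    return packet["from"], decrypt(packet["body"], RECIPIENT_PRIV)


# --- Sign-then-encrypt: the signature binds the message to a private key. ---

KNOWN_SENDERS = {"alice": ALICE_PUB}   # recipient's table of trusted public keys


def send_signed(message: bytes, sender_private, claimed_sender: str):
    return {
        "from": claimed_sender,
        "sig": sign(message, sender_private),
        "body": encrypt(message, RECIPIENT_PUB),
    }


def receive_signed(packet):
    """Return the plaintext only if the signature verifies under the public key
    registered for the claimed sender; otherwise None."""
    plaintext = decrypt(packet["body"], RECIPIENT_PRIV)
    public_key = KNOWN_SENDERS.get(packet["from"])
    if public_key is None or not verify(plaintext, packet["sig"], public_key):
        return None
    return plaintext


if __name__ == "__main__":
    msg = b"transfer 100"
    genuine = send_encrypted(msg, "alice")     # built by Alice
    forged = send_encrypted(msg, "alice")      # built by Mallory with the same public key
    print(receive_encrypted(genuine) == receive_encrypted(forged))   # True: indistinguishable
    print(receive_signed(send_signed(msg, ALICE_PRIV, "alice")))     # b'transfer 100'
    print(receive_signed(send_signed(msg, MALLORY_PRIV, "alice")))   # None
```

Note that the signed variant still depends on the recipient holding a trustworthy copy of Alice's public key; the next paragraphs describe the certificate and trusted-third-party mechanisms that are used for that binding in practice.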
Various methods are known for authentication of a sending computer. These methods typically employ digital signature algorithms or security certificates authenticated by trusted third parties.
Known encryption, digital signature, and certificate authentication methods are susceptible to replay (playback), man-in-the-middle, code book, and cryptanalysis attacks conducted through monitoring of the network traffic between the sending and receiving computers, or through impersonation of a trusted third party or certificate holder.
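The replay attack named above is the one that an eavesdropper can mount without breaking any cryptography at all: a captured, correctly authenticated message is simply resent. The following is an added example for this page, not code from any patent discussed here, showing a receiver that only verifies a message authentication code and therefore accepts the replayed copy, beside one that also checks freshness and nonce uniqueness. The shared key, JSON message layout and 30-second window are assumptions of the example.

```python
"""Replay ("playback") of an authenticated message, and a receiver that
rejects it. Constructed example for this page, not from any patent discussed
here; the key, message format and freshness window are assumptions.

The eavesdropper never learns the key and cannot forge a tag, but can resend
a captured (body, tag) pair verbatim. A receiver that only checks the MAC
accepts it again; one that also checks freshness and nonces does not.
"""
import hashlib
import hmac
import json

SHARED_KEY = b"demo-shared-key-not-secret"   # constructed, example only


def make_message(payload: str, nonce: str, sent_at: int, key: bytes = SHARED_KEY):
    """Sender side: serialize deterministically and attach an HMAC-SHA256 tag."""
    body = json.dumps({"payload": payload, "nonce": nonce, "ts": sent_at},
                      sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body, tag


def tag_is_valid(body: bytes, tag: str, key: bytes = SHARED_KEY) -> bool:
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)   # constant-time comparison


class NaiveReceiver:
    """Checks authenticity only, so a captured message replays forever."""

    def accept(self, body: bytes, tag: str, now: int) -> bool:
        return tag_is_valid(body, tag)


class ReplayResistantReceiver:
    """Checks authenticity, then freshness (timestamp inside the window), then
    uniqueness (nonce not already accepted inside the window). Nonces older
    than the window are dropped, which keeps the seen-set bounded: a message
    that old fails the freshness check anyway."""

    def __init__(self, window_seconds: int = 30):
        self.window = window_seconds
        self.seen = {}   # nonce -> timestamp carried by the accepted message

    def accept(self, body: bytes, tag: str, now: int) -> bool:
        if not tag_is_valid(body, tag):
            return False                      # forged or tampered
        fields = json.loads(body)
        if abs(now - fields["ts"]) > self.window:
            return False                      # stale, or excessive clock skew
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.window}
        if fields["nonce"] in self.seen:
            return False                      # replay inside the window
        self.seen[fields["nonce"]] = fields["ts"]
        return True


def demo():
    """Deliver one captured message twice to each receiver.
    Returns ((naive_first, hardened_first), (naive_replay, hardened_replay))."""
    body, tag = make_message("transfer 100", nonce="7f3a", sent_at=1000)
    naive, hardened = NaiveReceiver(), ReplayResistantReceiver()
    first = (naive.accept(body, tag, now=1001), hardened.accept(body, tag, now=1001))
    replayed = (naive.accept(body, tag, now=1005), hardened.accept(body, tag, now=1005))
    return first, replayed


if __name__ == "__main__":
    print(demo())   # ((True, True), (True, False))
```

The nonce must be generated by the sender and covered by the tag, as it is here, otherwise the attacker could change it and defeat the duplicate check; the timestamp likewise must be under the tag so a replayed message cannot be re-dated.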
Some types of attacks on communications security affect the integrity or availability of the communication rather than its confidentiality. For instance, denial-of-service attacks can disable a receiving node by flooding it with unauthorized messages. Such integrity and availability attacks are most harmful when the timely and accurate receipt of a secure communication is important.
U.S. Pat. No. 5,530,758 of Marino, Jr. et al. describes a system and method of secure communication between software applications running on two trusted nodes, which are coupled by an unsecure network link. A simple method of authenticating a sending node is also described. A trusted interface of each trusted node acts as a gateway for all messages sent from or received by applications running on the trusted node. The trusted interface applies security restrictions defined by an identity-based access control table (IBAC table), which is predefined for each node by a security administrator. The IBAC table stored at a node lists the addresses of trusted nodes to which the local applications are authorized to send messages and from which the local applications are authorized to receive messages. Secure communication is established between trusted nodes in response to service requests made by the applications. After verifying that a service request designates a remote node listed in the IBAC table, the trusted interface initializes a secure communications channel in cooperation with the security kernels of the trusted nodes. The initialization sequence includes an exchange of security certificates and communication security attribute information between the security kernels, which each node then uses to authenticate the other and to establish a security rating for the channel. Following authentication, the security kernels of the trusted nodes exchange traffic encryption keys, which are used to encrypt subsequent data transmitted over the channel.
A need exists for an improved method and system for secure data transmission that is designed to ensure the confidentiality, authenticity, integrity, and non-repudiation of message traffic. A need also exists for such a system that can be deployed in stages to achieve progressively better security as the need arises.
U.S. Pat. No. 6,122,514 to Spaur et al. describes methods of communication channel selection that take into account the requirements of each application program intended to communicate over one or more available channels. According to the Spaur et al. patent, an application program is designed to provide its requirements either dynamically, as the application executes, or statically, at the time of application installation, to the “network channel selection apparatus 14.” See column 5, lines 49 et seq. and FIG. 1. These “requirements” relate to cost factors, transfer rates, etc.
One problem with the approach taught by Spaur et al. is that every application program must be custom designed, or modified, to interact with the network channel selection apparatus as described. This approach is cumbersome, expensive and violates the very essence of the interoperability enabled by a layered approach such as the OSI model. The need remains for intelligent link management that is transparent to the application, so that standard “off the shelf” applications can be effectively deployed in the wireless environment. Similarly, at the network interface or link layer level, Spaur et al. teach a link controller/monitor connected to the network interface hardware (FIG. 1). The specification explains:
“The network channel selection apparatus 14 also includes a link controller/monitor 50 that is operatively connected to the network interfaces 30 for receiving information therefrom and making requests thereto. In particular, the link controller/monitor takes responsibility for the control and status of the network channels 34a-34n. It maintains a status watch of each such channel by means of its communication with the network interfaces 30. The monitoring process is network channel dependent.”
U.S. Pat. No. 6,122,514 at column 9, lines 35 et seq.
Consequently, it appears that the network interfaces also must be custom designed, or modified, to interact with the link controller/monitor 50 as described. This approach, too, is cumbersome, expensive and violates the very essence of the interoperability enabled by a layered approach such as the OSI model. The need remains for intelligent link management that is isolated from and transparent to the link channels, so that standard “off the shelf” hardware and software components can be employed. Another limitation of the prior art is that a single communication or “session” is limited to a single communication link outbound, and optionally a second link inbound.
The identified need for improvements in communication efficiency is addressed in our co-pending application entitled “Secure Dynamic Allocation System for Mobile Data Communications,” filed Apr. 17, 2001. Since aspects of the described allocation system may be used in conjunction with the present application relating to wireless communications, although the described allocation systems are not the only ones that may be used, they are described in this application as well for ease of understanding and appreciation.